Windows 2003 Kerb V Trust Question

Matt Joyce syslists at
Mon Feb 14 15:48:37 EST 2005

Hi there.  Me again!

     So here's a quick synopsis of what I've done thus far.

      I have a 2003 based Active Directory box.
      I have a RHAS 3.4 box running recent Krb5kdc.

      I have used Ksetup to add my KDC to the 2003 box.

      I have setup a trust between the Active Directory Domain and the 
Kerb V Realm

      I have setup principals for the ActiveDirectory host using the 
password I entered in the trust I setup.

      I have mapped users from Kerb5 to AD users

      I am synching server times off of an ntp server.

      I can see my Kerb5 Realm as an authentication domain in the list 
of availible domains.

      Logs on RHAS box indicate that the AD Box is being issued tickets 
for users when they try to login.

      I cannot auth to 2003 using my kerb5 usernames / passwords. 

I am stumped.  What have I missed?  I was under the assumption that when 
setting up a trust relationship between active directory and a kerb5 
realm it was not necessary to create host principals on the 2003 machine 
for the kerb5 server.  Am I mistaken?

I have been following docs posted.

Thanks for the help in advance

   - Matt Joyce.

More information about the Kerberos mailing list